def error(req: Request, res: Response): """ 根据 code 返回不同的错误响应 目前只有 404 """ res.code = 404 res.body = '<h1>NOT FOUND</h1>'
def fn(req: Request, res: Response, next): # 如果在 cookie 中检查不到 cookie,就进行设置 if req.cookies.get(options['cookie_name'], None) is None: res.cookies.set(options['cookie_name'], csrf_token) # 简单请求不需要检查 csrf_token if req.method in simple_methods: return next() log(req.method, req.headers, options['header_name']) if req.headers.get(options['header_name'], None) != csrf_token: res.code = 403 res.body = '' else: next()